The following Fedora EPEL 5 Security updates need testing:
 Age  URL
 831  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2013-11893   libguestfs-1.20.12-1.el5
 596  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-1626   puppet-2.7.26-1.el5
 445  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2014-3849   sblim-sfcb-1.3.8-2.el5
  88  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-edbea40516   mcollective-2.8.4-1.el5
  60  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-582c8075e6   thttpd-2.25b-24.el5
  41  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-d1309b0eb2   libsndfile-1.0.17-8.el5
   0  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-5a2146a2dd   prosody-0.9.10-1.el5
The following builds have been pushed to Fedora EPEL 5 updates-testing
cobbler-2.4.9-1.el5
globus-gssapi-gsi-11.26-1.el5
prosody-0.9.10-1.el5
Details about builds:
================================================================================
cobbler-2.4.9-1.el5 (FEDORA-EPEL-2016-9a2ae37ccd)
Boot server configurator
--------------------------------------------------------------------------------
Update Information:
Update to 2.4.9: This release works around the DNS issues we are having with
the cobblerd.org domain. We have moved back to using hosted files on GitHub
URLs. If you are using online features like get-loaders and signature update
you will have to upgrade to this release! Also:
- Fix for a yaml.parser.ParserError in cobbler-web
- Make packages arch specific to handle arch conditional dependencies
- Require python-virtinst on EL5 (bug #1107474)
----
Bugfixes
* Add missing _validate_ks_template_path function so that kickstarts for
  systems can now be changed again (#1156)
Feature improvements
* Make kickstart selectable from a pulldown list in cobbler-web (#991)
* Minor adjustment to the error_page template (cobbler-web)
Bugfixes
* Exit with an error if cobblerd executable can't be found (#1108 #1135)
* Fix cobbler sync bug through xmlrpc api (NoneType object has no attribute
  info)
* Add strict kickstart check in the API (again for #939)
* Do not allow kickstarts in /etc/cobbler
* Fix broken gitdate, gitstamp values in version file (cobbler version)
* Prevent disappearing profiles after cobblerd restart (#1030)
Upgrade notes
This release makes the use of --parent and --distro mutually exclusive. The
consequence is that subprofiles always have the same distro as the parent
profile. This has been the intended behaviour ever since subprofiles got
introduced. Please check if you have subprofiles with different distros than
the parent profile and reconsider and adjust your configuration.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1107474 - koan-2.4.4-1.el5 Missing Dependency
https://bugzilla.redhat.com/show_bug.cgi?id=1107474
--------------------------------------------------------------------------------
================================================================================
globus-gssapi-gsi-11.26-1.el5 (FEDORA-EPEL-2016-360ad6c8bd)
Globus Toolkit - GSSAPI library
--------------------------------------------------------------------------------
Update Information:
Fix FORCE_TLS setting to allow TLSv1.1 and TLS1.2, not just TLSv1.0
--------------------------------------------------------------------------------
================================================================================
prosody-0.9.10-1.el5 (FEDORA-EPEL-2016-5a2146a2dd)
Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:
Prosody 0.9.10
==============
A summary of changes in this release:

Security
--------
* mod_dialback: Adopt key generation algorithm from XEP-0185, to prevent
  impersonation attacks (CVE-2016-0756)

Fixes and improvements
----------------------
* Startup: Open /dev/urandom read-only, to fix a failure to start on some
  systems (fixes #585)
* Networking: Improve handling of the 'select' network backend running out of
  file descriptors

Minor changes
-------------
* Networking: Increase default internal read size to prevent connections
  stalling with LuaEvent (see #583)
* DNS: Discard queries that failed to send due to connection errors
  (fixes #598)
* c2s, s2s: Lower priority of shutdown handler, so that modules such as MUC
  can always send shutdown notifications to (remote) users (fixes #601)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1302463 - CVE-2016-0756 prosody: mod_dialback allows impersonation attacks
https://bugzilla.redhat.com/show_bug.cgi?id=1302463
--------------------------------------------------------------------------------